Attorney's Docket No. 200309084-1 
Application No. 10/679,092 



AMENDMENTS TO THE CLAIMS: 

The following listing of claims will replace all prior versions, and listings, of claims in 
the application: 

1. (Currently amended) A method for facilitating content downloads via an insecure 
communications channel, comprising: 

receiving prov i d i ng , from a device,, via [[an]] the insecure communications channel, at 
least one shared secret in encoded form that functions as an identifier of the device; 

transmitting encrypted content, via the insecure communications channel from a 
content sorvor to the device; 

receiving prov i d i ng the shared secret in plaintext form via a secure communications 
channel; 

receiving a confirmation authorizing release of a decryption key; and 

sending the decryption key to the device for decryption of the encrypted content. 

2. (Original) A method as recited in claim 1, wherein the confirmation is based on 
payment for the transmitted encrypted content. 

3. (Original) A method as recited in claim 1, wherein the shared secret identifies a user, 
the device, or both. 

4. (Original) A method as recited in claim 1, wherein the shared secret is a credit card 
number or a phone number. 
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5. (Original) A method as recited in claim 1, further comprising: 

receiving from the device an acknowledgement indicating receipt of the decryption 

key. 

6. (Original) A method as recited in claim 1, wherein the decryption key is sent to the 
device via the insecure communication channel. 

7. (Original) A method as recited in claim 1, wherein the decryption key is sent in 
plaintext form to a point of sale terminal via the secure channel. 

8. (Previously presented) A method as recited in claim 1, further comprising: 
providing a random plaintext from the device. 

9. (Original) A method as recited in claim 8, wherein the shared secret is encoded by a 
hash function of a combination of the shared secret and the random plaintext. 

10. (Original) A method as recited in claim 8, further comprising: 
encrypting the decryption key before sending it to the device. 

1 1 . (Previously presented) A method as recited in claim 10, wherein the decryption key 
is encrypted using at least the shared secret. 

12. (Previously presented) A method as recited in claim 1, further comprising: 
providing from the device a content download confirmation value that is encoded with 

the shared secret. 
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13. (Original) A method as recited in claim 12, wherein the content download 
confirmation value is based on an MD5 checksum. 

14. (Original) A method as recited in claim 12, wherein the content download 
confirmation value is based on a calculation using the shared secret. 

15. (Previously presented) A method as recited in claim 12, wherein the providing of a 
confirmation further comprises: 

providing a random plaintext from the device; 

providing a hash of the shared secret and the random plaintext for each shared 

secret; 

computing a hash of the shared secret with the random plaintext to produce a 
cyphertext for each shared secret; 

comparing the cyphertext to the hash of each of the shared secrets; and 

in the case of a match, identifying the corresponding transmitted encoded content, 
encoding a content download confirmation value for the transmitted encoded content using 
the shared secret; and 

comparing the computed content download confirmation value to the received 
content download confirmation value to verify a complete content download. 

16. (Original) A method as recited in claim 15, further comprising: 

after verification of the complete content download, causing a prompt to be sent to a 
user of the device to purchase the downloaded content; and 
receiving a confirmation of receipt of payment. 
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17. (Currently amended) A method as recited in claim 1, wherein content stored i n tho 
cont e nt s e rv e r is encrypted prior to a start of a download process. 

18. (Currently amended) A method for downloading content from a content server over 
an insecure communications channel, comprising: 

sending a shared secret in an encoded form to [[a]] the content server via [[an]] the 
insecure communications channel; 

downloading,, from the content serve r, the an e ncrypt e d content in an encrypted form 
via the insecure communications channel; 

sending an encoded content download confirmation value to the content server via 
the insecure communications channel; 

receiving a decryption key in an encrypted form from the content server via the 
insecure communications channel, wherein the decryption key is encrypted using the shared 
secret; 

decrypting the down l oad e d received decryption key using the shared secret: 
decrypting the downloaded encrypted content using the decryption key; and 
sending an acknowledgement of the received decryption key. 

19. (Original) The method of claim 18 further comprising: 

providing an indicia of acceptance of terms of the download and decryption of the 
encrypted content by the user, wherein the indicia is an indication of acceptance of payment. 

20. (Currently amended) A method of authorizing a release of a decryption key 
corresponding to [[a]] downloaded encrypted content, comprising: 

receiving from a use^ via a secure channel a shared secret in a plaintext form; 
sending the shared secret to a content server; 
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receiving a confirmation of successful encrypted content download from the content 

server; 

prompting the user to accept terms of download and decryption of the encrypted 
content; and 

after receipt of an indicia of such acceptance, sending an authorization to the content 
server to release [[a]] the decryption key for decrypting the downloaded encrypted content. 

21 . (Currently amended) A system for transmitting a content file to a device, comprising: 
a content server operative to store a plurality of content files, to wirelessly transmit 

the content files via an insecure channel, and to communicate with via a secure channel; 
one or more remote devices operative to transmit and receive communications to 

and from the content server over the insecure channel including anyone of the content files 

in encrypted form, each device including a processor to manage the communications as well 

as encryption and decryption of communicated data; 

a point of sale terminal operative to communicate with a user associated with any of 

the devices; and 

a payment server communicatively disposed between the point of sale terminal and 
the content server, and communicating therewith via the secure channel, further operative to 
provide a shared secret in plaintext form v i a th e secur e d channe l from the user to the 
content server via the secured channel , 

wherein the content server is further operative to release a decryption key to one of 
the devices upon receipt of confirmation from payment server that the user of the device 
accepted terms of download and decryption of [[a]] the content file, whoro i n the decryption 
key [[is]] being encrypted using the shared secret. 
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22. (Currently amended) A computer z readable program embodied on a computer^ 
readable medium that, when executed by a computer, performs a method for facilitating 
cont e nt download of a content file from a content server to a device via an insecure 
communications channel, the computer-readable program comprising: 

program code for causing [[a]] the computer to receive a shared secret in an encoded 
form from a device, the encoded shared secret functioning as a device identifier; 

program code for causing [[a]] the computer to transmit the content file in an 
encrypted form from a content server to the device; 

program code for causing [[a]] the computer to receive the shared secret in plaintext 
form via a secure channel; 

program code for causing [[a]] the computer to receive a confirmation authorizing 
[[the]] release of a decryption key for the transmitted encrypted content file; and 

program code for causing [[a]] the computer to send the decryption key for decrypting 
the transmitted encrypted content file for which the payment confirmation has been received. 

23. (Currently amended) The compute r-readable program embodied on a compute^ 
readable medium of claim 22 A wherein the confirmation is sent upon payment by a user of 
the device for the downloaded content. 

24. (Currently amended) A computer z readable program embodied on a computer 
readable medium that, when executed by a computer, performs a method for downloading 
content from a content server, over an insecure communications channel, comprising: 

code for sending a shared secret in an encoded form to [[a]] the content server in an 
encrypted form : 

code for receiving from the content server an encrypted content; 
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code for sending an encoded content download confirmation value to the content 

server; 

code for receiving an e ncrypt e d decryption key in an encrypted form from the content 
server, wherein the decryption key is encrypted using the shared secret; 

code for decrypting the encrypted decryption key using the shared secret; 

code for decrypting the downloaded encrypted content using the decryption key; and 

code for sending an acknowledgement of the received decryption key[[;]].. 

25. (Currently amended) The computer z readable program embodied on a computer 
readable medium of claim 24 L further comprising: 

code for providing an indicia of acceptance of terms of the download and decryption 
of the encrypted content by [[the]] a user, wherein the indicia is an indication of acceptance 
of payment. 

26. (Currently amended) A computerzreadable program embodied on a computer^ 
readable medium that, when executed by a data processor, performs a method for 
authorizing a release of a decryption key corresponding to [[a]] downloaded encrypted 
content, the computer-readable program comprising: 

code for receiving a shared secret in a plaintext form from a user[[,]] via a secure 
channel; 

code for sending the shared secret to a content server; 

code for receiving a confirmation of successful encrypted content download from the 

[[file]] content server; 

code for prompting the user to purchase the downloaded encrypted content; and 
code for, after receipt of payment for the downloaded encrypted content , sending an 

authorization to the content server to release [[a]] the decryption key , the decryption key 

being operative to decrypt the downloaded encrypted [[file]] content . 
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27. (Currently amended) A method of facilitating content download via an insecure 
communications channel, comprising: 

receiving an identifier from a device as a concealed identifier that identifies the 

device; 

transmitting an encrypted file to the device via [[an]] the insecure communications 
channel, wherein the encrypted file has a corresponding decryption key; 

receiving the identifier in an unconcealed form over a secure channel; 
receiving an authorization from a payment server over the secure channel; 
encrypting the key using the identifier; and 
transmitting the encrypted key to the device. 

28. (Currently amended) A method for payment of file downloads to a wireless device, 
comprising: 

receiving an identifier from a device as a concealed identifier which corresponds to 
the wireless device; 

transferring a selected encrypted file in an encrypted form to the wireless device, 
wherein the selected file is encrypted using a key; 

receiving the identifier in an unconcealed form over a secure channel as part of a 
payment transaction; 

using the identifier to encrypt the key; and 

transmitting the encrypted key to the wireless device after receipt of payment. 

29. (Currently amended) A system for transmitting content via an insecure 
communications channel, comprising: 
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means for receiving a shared secret in a concealed form, from a device, wherein the 
shared secret identifies the device; 

means for transferring a selected content file in an encrypted form to the device, 
wherein the selected content file has a corresponding decryption key; 

means for receiving the shared secret in an unconcealed form over a secure channel 
as part of a payment transaction; 

means for using the shared secret to encrypt [[a]] the decryption key; and 

means for transmitting the encrypted decryption key to a w i r ele ss the device after 
receipt of payment. 

30. (Currently amended) An apparatus for downloading content down l oad to a device 

via an insecure channel comprising: 

means for receiving at least one identifier from [[a]] the device, wherein the identifier 

is concealed and identifies the device; 

means for transmitting an encrypted content file to the device; and 

means for transmittingj. after receipt of an authorization, a decryption key encrypted 

using the identifier, wherein the decryption key can decrypt the encrypted content file. 
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